debian/notmuch
1
0
Fork 0
mirror of https://git.notmuchmail.org/git/notmuch synced 2024-11-21 18:38:08 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

indexing: Change from try_decrypt to decrypt

Browse source 
the command-line interface for indexing (reindex, new, insert) used
--try-decrypt; and the configuration records used index.try_decrypt.
But by comparison with "show" and "reply", there doesn't seem to be
any reason for the "try" prefix.

This changeset adjusts the command-line interface and the
configuration interface.

For the moment, i've left indexopts_{set,get}_try_decrypt alone.  The
subsequent changeset will address those.
This commit is contained in:
Daniel Kahn Gillmor 2017-12-08 01:23:50 -05:00 committed by David Bremner
parent de80ede3df
commit d3964e81ac
12 changed files with 40 additions and 40 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
NEWS
View file

@ -19,9 +19,9 @@ Indexing cleartext of encrypted e-mails
It's now possible to include the cleartext of encrypted e-mails in It's now possible to include the cleartext of encrypted e-mails in
the notmuch index. This makes it possible to search your encrypted the notmuch index. This makes it possible to search your encrypted
e-mails with the same ease as searching cleartext. This can be done e-mails with the same ease as searching cleartext. This can be done
on a per-message basis with the --try-decrypt argument to indexing on a per-message basis with the --decrypt argument to indexing
commands (new, insert, reindex), or by default by running "notmuch commands (new, insert, reindex), or by default by running "notmuch
config set index.try_decrypt true". config set index.decrypt true".
Note that the contents of the index are sufficient to roughly Note that the contents of the index are sufficient to roughly
reconstruct the cleartext of the message itself, so please ensure reconstruct the cleartext of the message itself, so please ensure

12
completion/notmuch-completion.bash
View file

@ -287,7 +287,7 @@ _notmuch_insert()
sed "s|^$path/||" | grep -v "\(^\|/\)\(cur\|new\|tmp\)$" ) ) sed "s|^$path/||" | grep -v "\(^\|/\)\(cur\|new\|tmp\)$" ) )
return return
;; ;;
--try-decrypt) --decrypt)
COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) ) COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) )
return return
;; ;;
@ -296,7 +296,7 @@ _notmuch_insert()
! $split && ! $split &&
case "${cur}" in case "${cur}" in
--*) --*)
local options="--create-folder --folder= --keep --no-hooks --try-decrypt= ${_notmuch_shared_options}" local options="--create-folder --folder= --keep --no-hooks --decrypt= ${_notmuch_shared_options}"
compopt -o nospace compopt -o nospace
COMPREPLY=( $(compgen -W "$options" -- ${cur}) ) COMPREPLY=( $(compgen -W "$options" -- ${cur}) )
return return
@ -319,7 +319,7 @@ _notmuch_new()
$split && $split &&
case "${prev}" in case "${prev}" in
--try-decrypt) --decrypt)
COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) ) COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) )
return return
;; ;;
@ -328,7 +328,7 @@ _notmuch_new()
! $split && ! $split &&
case "${cur}" in case "${cur}" in
-*) -*)
local options="--no-hooks --try-decrypt= --quiet ${_notmuch_shared_options}" local options="--no-hooks --decrypt= --quiet ${_notmuch_shared_options}"
compopt -o nospace compopt -o nospace
COMPREPLY=( $(compgen -W "${options}" -- ${cur}) ) COMPREPLY=( $(compgen -W "${options}" -- ${cur}) )
;; ;;
@ -437,7 +437,7 @@ _notmuch_reindex()
$split && $split &&
case "${prev}" in case "${prev}" in
--try-decrypt) --decrypt)
COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) ) COMPREPLY=( $( compgen -W "true false" -- "${cur}" ) )
return return
;; ;;
@ -446,7 +446,7 @@ _notmuch_reindex()
! $split && ! $split &&
case "${cur}" in case "${cur}" in
-*) -*)
local options="--try-decrypt= ${_notmuch_shared_options}" local options="--decrypt= ${_notmuch_shared_options}"
compopt -o nospace compopt -o nospace
COMPREPLY=( $(compgen -W "$options" -- ${cur}) ) COMPREPLY=( $(compgen -W "$options" -- ${cur}) )
;; ;;

4
doc/man1/notmuch-config.rst
View file

@ -138,7 +138,7 @@ The available configuration items are described below.
Default: ``gpg``. Default: ``gpg``.
**index.try_decrypt** **index.decrypt**
**[STORED IN DATABASE]** **[STORED IN DATABASE]**
When indexing an encrypted e-mail message, if this variable is When indexing an encrypted e-mail message, if this variable is
@ -146,7 +146,7 @@ The available configuration items are described below.
the cleartext. Be aware that the index is likely sufficient the cleartext. Be aware that the index is likely sufficient
to reconstruct the cleartext of the message itself, so please to reconstruct the cleartext of the message itself, so please
ensure that the notmuch message index is adequately protected. ensure that the notmuch message index is adequately protected.
DO NOT USE ``index.try_decrypt=true`` without considering the DO NOT USE ``index.decrypt=true`` without considering the
security of your index. security of your index.
Default: ``false``. Default: ``false``.

6
doc/man1/notmuch-insert.rst
View file

@ -51,7 +51,7 @@ Supported options for **insert** include
``--no-hooks`` ``--no-hooks``
Prevent hooks from being run. Prevent hooks from being run.
``--try-decrypt=(true|false)`` ``--decrypt=(true|false)``
If true and the message is encrypted, try to decrypt the If true and the message is encrypted, try to decrypt the
message while indexing. If decryption is successful, index message while indexing. If decryption is successful, index
@ -60,10 +60,10 @@ Supported options for **insert** include
that the index is likely sufficient to reconstruct the that the index is likely sufficient to reconstruct the
cleartext of the message itself, so please ensure that the cleartext of the message itself, so please ensure that the
notmuch message index is adequately protected. DO NOT USE notmuch message index is adequately protected. DO NOT USE
``--try-decrypt=true`` without considering the security of ``--decrypt=true`` without considering the security of
your index. your index.
See also ``index.try_decrypt`` in **notmuch-config(1)**. See also ``index.decrypt`` in **notmuch-config(1)**.
EXIT STATUS EXIT STATUS
=========== ===========

6
doc/man1/notmuch-new.rst
View file

@ -43,17 +43,17 @@ Supported options for **new** include
``--quiet`` ``--quiet``
Do not print progress or results. Do not print progress or results.
``--try-decrypt=(true|false)`` ``--decrypt=(true|false)``
If true, when encountering an encrypted message, try to If true, when encountering an encrypted message, try to
decrypt it while indexing. If decryption is successful, index decrypt it while indexing. If decryption is successful, index
the cleartext itself. Be aware that the index is likely the cleartext itself. Be aware that the index is likely
sufficient to reconstruct the cleartext of the message itself, sufficient to reconstruct the cleartext of the message itself,
so please ensure that the notmuch message index is adequately so please ensure that the notmuch message index is adequately
protected. DO NOT USE ``--try-decrypt=true`` without protected. DO NOT USE ``--decrypt=true`` without
considering the security of your index. considering the security of your index.
See also ``index.try_decrypt`` in **notmuch-config(1)**. See also ``index.decrypt`` in **notmuch-config(1)**.
EXIT STATUS EXIT STATUS
=========== ===========

6
doc/man1/notmuch-reindex.rst
View file

@ -21,17 +21,17 @@ messages using the supplied options.
Supported options for **reindex** include Supported options for **reindex** include
``--try-decrypt=(true|false)`` ``--decrypt=(true|false)``
If true, when encountering an encrypted message, try to If true, when encountering an encrypted message, try to
decrypt it while reindexing. If decryption is successful, decrypt it while reindexing. If decryption is successful,
index the cleartext itself. Be aware that the index is likely index the cleartext itself. Be aware that the index is likely
sufficient to reconstruct the cleartext of the message itself, sufficient to reconstruct the cleartext of the message itself,
so please ensure that the notmuch message index is adequately so please ensure that the notmuch message index is adequately
protected. DO NOT USE ``--try-decrypt=true`` without protected. DO NOT USE ``--decrypt=true`` without
considering the security of your index. considering the security of your index.
See also ``index.try_decrypt`` in **notmuch-config(1)**. See also ``index.decrypt`` in **notmuch-config(1)**.
SEE ALSO SEE ALSO
======== ========

2
doc/man7/notmuch-properties.rst
View file

@ -70,7 +70,7 @@ of its normal activity.
properties will be set on the message as a whole. properties will be set on the message as a whole.
If notmuch never tried to decrypt an encrypted message during If notmuch never tried to decrypt an encrypted message during
indexing (which is the default, see ``index.try_decrypt`` in indexing (which is the default, see ``index.decrypt`` in
**notmuch-config(1)**), then this property will not be set on that **notmuch-config(1)**), then this property will not be set on that
message. message.

14
lib/indexopts.c
View file

@ -27,18 +27,18 @@ notmuch_database_get_default_indexopts (notmuch_database_t *db)
if (!ret) if (!ret)
return ret; return ret;
char * try_decrypt; char * decrypt;
notmuch_status_t err = notmuch_database_get_config (db, "index.try_decrypt", &try_decrypt); notmuch_status_t err = notmuch_database_get_config (db, "index.decrypt", &decrypt);
if (err) if (err)
return ret; return ret;
if (try_decrypt && if (decrypt &&
((!(strcasecmp(try_decrypt, "true"))) || ((!(strcasecmp(decrypt, "true"))) ||
(!(strcasecmp(try_decrypt, "yes"))) || (!(strcasecmp(decrypt, "yes"))) ||
(!(strcasecmp(try_decrypt, "1"))))) (!(strcasecmp(decrypt, "1")))))
notmuch_indexopts_set_try_decrypt (ret, true); notmuch_indexopts_set_try_decrypt (ret, true);
free (try_decrypt); free (decrypt);
return ret; return ret;
} }

2
notmuch-config.c
View file

@ -813,7 +813,7 @@ static bool
_stored_in_db (const char *item) _stored_in_db (const char *item)
{ {
const char * db_configs[] = { const char * db_configs[] = {
"index.try_decrypt", "index.decrypt",
}; };
if (STRNCMP_LITERAL (item, "query.") == 0) if (STRNCMP_LITERAL (item, "query.") == 0)
return true; return true;

4
notmuch.c
View file

@ -101,7 +101,7 @@ struct _notmuch_client_indexing_cli_choices indexing_cli_choices = { };
const notmuch_opt_desc_t notmuch_shared_indexing_options [] = { const notmuch_opt_desc_t notmuch_shared_indexing_options [] = {
{ .opt_bool = &indexing_cli_choices.try_decrypt, { .opt_bool = &indexing_cli_choices.try_decrypt,
.present = &indexing_cli_choices.try_decrypt_set, .present = &indexing_cli_choices.try_decrypt_set,
.name = "try-decrypt" }, .name = "decrypt" },
{ } { }
}; };
@ -117,7 +117,7 @@ notmuch_process_shared_indexing_options (notmuch_database_t *notmuch, g_mime_3_u
return NOTMUCH_STATUS_OUT_OF_MEMORY; return NOTMUCH_STATUS_OUT_OF_MEMORY;
status = notmuch_indexopts_set_try_decrypt (indexing_cli_choices.opts, indexing_cli_choices.try_decrypt); status = notmuch_indexopts_set_try_decrypt (indexing_cli_choices.opts, indexing_cli_choices.try_decrypt);
if (status != NOTMUCH_STATUS_SUCCESS) { if (status != NOTMUCH_STATUS_SUCCESS) {
fprintf (stderr, "Error: Failed to set try_decrypt to %s. (%s)\n", fprintf (stderr, "Error: Failed to set index decryption policy to %s. (%s)\n",
indexing_cli_choices.try_decrypt ? "True" : "False", notmuch_status_to_string (status)); indexing_cli_choices.try_decrypt ? "True" : "False", notmuch_status_to_string (status));
notmuch_indexopts_destroy (indexing_cli_choices.opts); notmuch_indexopts_destroy (indexing_cli_choices.opts);
indexing_cli_choices.opts = NULL; indexing_cli_choices.opts = NULL;

18
test/T357-index-decryption.sh
View file

@ -29,7 +29,7 @@ test_expect_equal \
# create a test encrypted message that is indexed in the clear # create a test encrypted message that is indexed in the clear
test_begin_subtest 'emacs delivery of encrypted message' test_begin_subtest 'emacs delivery of encrypted message'
test_expect_success \ test_expect_success \
'emacs_fcc_message --try-decrypt=true \ 'emacs_fcc_message --decrypt=true \
"test encrypted message for cleartext index 002" \ "test encrypted message for cleartext index 002" \
"This is a test encrypted message with a wumpus.\n" \ "This is a test encrypted message with a wumpus.\n" \
"(mml-secure-message-encrypt)"' "(mml-secure-message-encrypt)"'
@ -71,8 +71,8 @@ test_expect_equal \
# try reinserting it with decryption, should appear again, but now we # try reinserting it with decryption, should appear again, but now we
# have two copies of the message: # have two copies of the message:
test_begin_subtest "message cleartext is present after reinserting with --try-decrypt" test_begin_subtest "message cleartext is present after reinserting with --decrypt"
notmuch insert --folder=sent --try-decrypt <<<"$contents" notmuch insert --folder=sent --decrypt <<<"$contents"
output=$(notmuch search wumpus) output=$(notmuch search wumpus)
expected='thread:0000000000000003 2000-01-01 [1/1(2)] Notmuch Test Suite; test encrypted message for cleartext index 002 (encrypted inbox unread)' expected='thread:0000000000000003 2000-01-01 [1/1(2)] Notmuch Test Suite; test encrypted message for cleartext index 002 (encrypted inbox unread)'
test_expect_equal \ test_expect_equal \
@ -93,8 +93,8 @@ test_expect_equal \
# try inserting it with decryption, should appear as a single copy # try inserting it with decryption, should appear as a single copy
# (note: i think thread id skips 4 because of duplicate message-id # (note: i think thread id skips 4 because of duplicate message-id
# insertion, above) # insertion, above)
test_begin_subtest "message cleartext is present with insert --try-decrypt" test_begin_subtest "message cleartext is present with insert --decrypt"
notmuch insert --folder=sent --try-decrypt <<<"$contents" notmuch insert --folder=sent --decrypt <<<"$contents"
output=$(notmuch search wumpus) output=$(notmuch search wumpus)
expected='thread:0000000000000005 2000-01-01 [1/1] Notmuch Test Suite; test encrypted message for cleartext index 002 (encrypted inbox unread)' expected='thread:0000000000000005 2000-01-01 [1/1] Notmuch Test Suite; test encrypted message for cleartext index 002 (encrypted inbox unread)'
test_expect_equal \ test_expect_equal \
@ -113,9 +113,9 @@ test_expect_equal \
"$output" \ "$output" \
"$expected" "$expected"
# see if first message shows up after reindexing with --try-decrypt=true (same $expected, untouched): # see if first message shows up after reindexing with --decrypt=true (same $expected, untouched):
test_begin_subtest 'reindex old messages' test_begin_subtest 'reindex old messages'
test_expect_success 'notmuch reindex --try-decrypt=true tag:encrypted and not property:index.decryption=success' test_expect_success 'notmuch reindex --decrypt=true tag:encrypted and not property:index.decryption=success'
test_begin_subtest "reindexed encrypted message, including cleartext" test_begin_subtest "reindexed encrypted message, including cleartext"
output=$(notmuch search wumpus) output=$(notmuch search wumpus)
test_expect_equal \ test_expect_equal \
@ -159,7 +159,7 @@ test_expect_equal \
add_email_corpus crypto add_email_corpus crypto
test_begin_subtest "indexing message fails when secret key not available" test_begin_subtest "indexing message fails when secret key not available"
notmuch reindex --try-decrypt id:simple-encrypted@crypto.notmuchmail.org notmuch reindex --decrypt id:simple-encrypted@crypto.notmuchmail.org
output=$(notmuch dump ) output=$(notmuch dump )
expected='#notmuch-dump batch-tag:3 config,properties,tags expected='#notmuch-dump batch-tag:3 config,properties,tags
+encrypted +inbox +unread -- id:simple-encrypted@crypto.notmuchmail.org +encrypted +inbox +unread -- id:simple-encrypted@crypto.notmuchmail.org
@ -180,7 +180,7 @@ notmuch restore <<EOF
#notmuch-dump batch-tag:3 config,properties,tags #notmuch-dump batch-tag:3 config,properties,tags
#= simple-encrypted@crypto.notmuchmail.org session-key=9%3AFC09987F5F927CC0CC0EE80A96E4C5BBF4A499818FB591207705DFDDD6112CF9 #= simple-encrypted@crypto.notmuchmail.org session-key=9%3AFC09987F5F927CC0CC0EE80A96E4C5BBF4A499818FB591207705DFDDD6112CF9
EOF EOF
notmuch reindex --try-decrypt id:simple-encrypted@crypto.notmuchmail.org notmuch reindex --decrypt id:simple-encrypted@crypto.notmuchmail.org
output=$(notmuch search sekrit) output=$(notmuch search sekrit)
expected='thread:0000000000000001 2016-12-22 [1/1] Daniel Kahn Gillmor; encrypted message (encrypted inbox unread)' expected='thread:0000000000000001 2016-12-22 [1/1] Daniel Kahn Gillmor; encrypted message (encrypted inbox unread)'
if [ $NOTMUCH_HAVE_GMIME_SESSION_KEYS -eq 0 ]; then if [ $NOTMUCH_HAVE_GMIME_SESSION_KEYS -eq 0 ]; then

2
test/test-lib.sh
View file

@ -347,7 +347,7 @@ emacs_deliver_message ()
# before sending, which is useful to doing things like attaching files # before sending, which is useful to doing things like attaching files
# to the message and encrypting/signing. # to the message and encrypting/signing.
# #
# If any GNU-style long-arguments (like --quiet or --try-decrypt=true) are # If any GNU-style long-arguments (like --quiet or --decrypt=true) are
# at the head of the argument list, they are sent directly to "notmuch # at the head of the argument list, they are sent directly to "notmuch
# new" after message delivery # new" after message delivery
emacs_fcc_message () emacs_fcc_message ()